A communication apparatus generally performs encrypted communication, periodically updates the encryption key used for that communication, and periodically notifies other communication nodes of the encryption key to ensure communication security. However, if a communication party cannot be successfully notified of the periodically distributed encryption key for some reason, or if the update timing of the encryption key shifts between communication nodes, the communication apparatus may receive data that a communication party encrypted with the old encryption key from before the update. In such a case, the communication apparatus is temporarily unable to communicate, because the encryption keys of the nodes that transmit and receive the encrypted data do not match.
To solve this problem, a conventional communication apparatus includes a new key memory that holds a newly distributed encryption key as a new key, an old key memory that holds the previously distributed encryption key as an old key, and a switching unit that switches to encrypted communication using the old key held in the old key memory after encrypted communication using the new key fails (see, for example, Japanese Laid-open Patent Publication No. 2007-267301).
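The new-key/old-key arrangement described above can be sketched as follows. This is an added example, not code from the cited publication: the `Receiver` class, `seal`/`unseal` and the hash-based stand-in cipher are all hypothetical names and constructions chosen so the sketch runs with the standard library only.

```python
import hashlib, hmac, os

def _subkey(key, label):
    # Separate encryption and MAC keys derived from one distributed key.
    return hashlib.sha256(label + key).digest()

def _xor_stream(key, nonce, data):
    # Stand-in cipher (assumption): SHA-256 in counter mode, illustration only.
    stream = b""
    for ctr in range(len(data) // 32 + 1):
        stream += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    nonce = os.urandom(12)
    ct = _xor_stream(_subkey(key, b"enc"), nonce, plaintext)
    tag = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def unseal(key, blob):
    # Returns None when the tag does not verify, i.e. on a key mismatch.
    if len(blob) < 44:
        return None
    nonce, ct, tag = blob[:12], blob[12:-32], blob[-32:]
    expect = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expect):
        return None
    return _xor_stream(_subkey(key, b"enc"), nonce, ct)

class Receiver:
    """Holds a new key and an old key; falls back to the old key on failure."""
    def __init__(self, initial_key):
        self.new_key, self.old_key = initial_key, None

    def update_key(self, key):
        # The previously distributed key moves to the old key memory.
        self.old_key, self.new_key = self.new_key, key

    def receive(self, blob):
        # Switching unit: try the new key first, then the old key.
        for slot, key in (("new", self.new_key), ("old", self.old_key)):
            if key is not None:
                pt = unseal(key, blob)
                if pt is not None:
                    return slot, pt
        return "rejected", None
```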
The conventional communication apparatus encrypts the encryption key with a common key shared by all communication nodes and distributes the encrypted encryption key to the other communication nodes. However, the common key is fixed: if the common key is deciphered, the encryption key can be deciphered after every update, even though the encryption key itself is updated. The conventional communication apparatus therefore has the problem of a grave security flaw.